Lack of BYOD policy putting enterprises at risk: IDC

More than half of 250 Australian participants did not have a formal bring-your-own-device (BYOD) policy for smartphones

IDC Australia telecommunications associate director Dustin Kehoe.

IDC Australia telecommunications associate director Dustin Kehoe.

Companies could be exposing the crown jewels to malware and data breaches by not having a formal bring-your-own-device policy warns IDC Australia.

The analyst firm has released findings from its End Users BYOD survey which surveyed 250 Australians including managers, content producers and employees who work on the road such as sales representatives.

It found that 55 per cent of participants had no formal BYOD policy for smartphones while 49 per cent did not have a policy for tablets. In addition, 41 per cent of business surveyed had no policy in place for laptops.

“While most businesses appear to be in a discovery phase with policies, there are still small pockets which ignore the issue outright,” said IDC Australia telecommunications associate director Dustin Kehoe in a statement.

“In the interim, corporate data is more exposed to a host of security vulnerabilities such as malware attacks across an untold number of endpoints.”

Telcos to dial up UC, security sectors in 2013: IDC

How to create a mobile device policy in the BYOD era

Network security in the BYOD era

According to Kehoe, while the IT department can report cost savings through BYOD, not having a policy in place could end up costing the organisation even more.

“Employees are finding ways to expense their communication costs elsewhere but this means business are still incurring large hidden costs which have no way of being measured,” he said.

“The only given is that data is inherently less secure.”


The survey also asked participants about the current brand of mobile device they use and what they would prefer to use at work if given a choice.

While Apple led brand preference with its iPhone and iPad, 21 per cent of participants would use a BlackBerry phone for work if given the option to choose their device.

“This suggests that not only does Blackberry have significant mindshare and presence in the enterprise, but IT should not make assumptions on employees' preferences and a survey should be carried out,” Kehoe said.

“It is therefore reasonable to assume that if employees were given a stipend to buy the devices they needed for work, the market share of [Blackberry] brands in the enterprise could shift dramatically."

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Join the CSO newsletter!

Error: Please check your email address.

Tags BlackberryIDC AustraliaBYOD policyDustin KehoeBYOD security

More about AppleBlackBerryFacebookIDC Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Hamish Barwick

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts